Null-dereference READ in v8::Context::Enter
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5066692369317888

Fuzzer: lcamtuf_cross_fuzz
Job Type: linux_ubsan_vptr_chrome
Platform Id: linux

Crash Type: Null-dereference READ
Crash Address: 0x000000000000
Crash State:
  v8::Context::Enter
  blink::V8FileSystemCallback::handleEvent
  blink::V8FileSystemCallback::InvokeAndReportException

Sanitizer: undefined (UBSAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_ubsan_vptr_chrome&range=616191:616192

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5066692369317888

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for instructions to reproduce this bug locally.
Dec 15

Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/523efae2ae9590d0bc4c0229277020db49fb5438 (Field Trial: Drop runtime flag for V8ContextSnapshot).

If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label.

If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.
Dec 17

The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/ff19f4443204410b3be71c476d23c716db18c800

commit ff19f4443204410b3be71c476d23c716db18c800
Author: Hitoshi Yoshida <peria@chromium.org>
Date: Mon Dec 17 07:58:17 2018

binding: Drop a runtime enabled flag for V8ContextSnapshot

After https://crrev.com/616192, end users don't have a way to enable/disable the usage of the V8ContextSnapshot feature. As a workaround, we have a runtime enabled flag that is rarely used and makes conditions complex (hence it introduces a few crash issues). So this CL removes the runtime enabled flag.

We still have a GN flag |use_v8_context_snapshot|, and developers can use it to enable/disable the feature.

Bug: 915488, 519542, 91553
Change-Id: Iea3037036c01ca40044269330db223430bbf5d1c
Reviewed-on: https://chromium-review.googlesource.com/c/1379624
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Reviewed-by: Hitoshi Yoshida <peria@chromium.org>
Reviewed-by: Yuki Shiino <yukishiino@chromium.org>
Commit-Queue: Hitoshi Yoshida <peria@chromium.org>
Cr-Commit-Position: refs/heads/master@{#617061}

[modify] https://crrev.com/ff19f4443204410b3be71c476d23c716db18c800/third_party/blink/renderer/bindings/core/v8/v8_initializer.cc
[modify] https://crrev.com/ff19f4443204410b3be71c476d23c716db18c800/third_party/blink/renderer/platform/runtime_enabled_features.json5
Dec 17

ClusterFuzz has detected this issue as fixed in range 617060:617061.

Detailed report: https://clusterfuzz.com/testcase?key=5066692369317888

Fuzzer: lcamtuf_cross_fuzz
Job Type: linux_ubsan_vptr_chrome
Platform Id: linux

Crash Type: Null-dereference READ
Crash Address: 0x000000000000
Crash State:
  v8::Context::Enter
  blink::V8FileSystemCallback::handleEvent
  blink::V8FileSystemCallback::InvokeAndReportException

Sanitizer: undefined (UBSAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_ubsan_vptr_chrome&range=616191:616192
Fixed: https://clusterfuzz.com/revisions?job=linux_ubsan_vptr_chrome&range=617060:617061

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5066692369317888

See https://github.com/google/clusterfuzz-tools for instructions to reproduce this bug locally.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Dec 17

ClusterFuzz testcase 5066692369317888 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Comment 1 by ClusterFuzz, Dec 15

Labels: Test-Predator-Auto-Components